[Resolvido!] Uso de CPU

Yukko~ · Fevereiro 17, 2010

Olá.

Olha, não sei que problema específico estou tendo, mas as vezes, tenho 100% do uso de CPU, e pouquissima paginação ao mesmo tempo. Achei melhor vim e fazer um análise.

Ah, tenho duas unidades D e C, preciso ter log das duas?

Grata desde já :D

HiJackThis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:43:23, on 17/2/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

D:\WINDOWS\Explorer.EXE

D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

D:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe

D:\WINDOWS\system32\HPZipm12.exe

D:\WINDOWS\RTHDCPL.EXE

D:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

D:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

D:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

D:\WINDOWS\system32\ctfmon.exe

D:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

D:\Arquivos de programas\Messenger\msmsgs.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

D:\WINDOWS\system32\wscntfy.exe

C:\Hijackthis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - D:\ARQUIV~1\Neopets\Toolbar\Toolbar.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - D:\ARQUIV~1\Neopets\Toolbar\Toolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [startCCC] "D:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [avgnt] "D:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] D:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [MSMSGS] "D:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\RunOnce: [shockwave Updater] D:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_pt-BR;_rv:1.9.1.7)_Gecko/20091221_Firefox/3.5.7" -"http://www.shockwave.com/gamelanding/figureskating.jsp?extcmp=2_figureskating_ON_df_OL_online_home"

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] D:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Baixar com o FDM - file://D:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o FDM - file://D:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download selecionado pelo FDM - file://D:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\ARQUIV~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - (no file)

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

--

End of file - 7865 bytes

DigRam · Fevereiro 22, 2010

É, eu queria mesmo ajuda XD

//////////////\\\\\\\\\\\\\\\

Boa Noite! Yukko

<!> O log não apresenta entradas ruins!

Ah, tenho duas unidades D e C, preciso ter log das duas?

<!> Não! Pelo menos com o HijackThis,será ignorado essa verificação.

°°°°°°°°°°°°°°°°°°°°°

<@> Baixe: < > ( ...by OldTimer Tools )

<@> Salve-o no desktop ou unidade D.

<@> Segundo a imagem,mude a opção em "Output" para "Minimal Output".

<@> Duplo-clique em OTL.exe --> Marque a opção "Scan All Users".

<@> Marque as caixas:

<!> [] LOP check e [] Purity check

<@> Clique em: < > --> Aguarde!

<@> Poste:

<1> OTL.txt <--

<2> Extra.txt <--

Abraços!

Yukko~ · Fevereiro 23, 2010

Caramba.. Pensei que ia aparecer alguma coisa no HiJackThis, anda cada vez mais constante essa sobrecarga da CPU, mas enfim.. Aqui estão os Logs:

OTL.txt:

OTL logfile created on: 23/2/2010 12:08:27 - Run 1

OTL by OldTimer - Version 3.1.30.1 Folder = D:\Documents and Settings\Gabriela\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free

3,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Arquivos de programas

Drive C: | 114,42 Gb Total Space | 68,04 Gb Free Space | 59,46% Space Free | Partition Type: NTFS

Drive D: | 183,67 Gb Total Space | 105,78 Gb Free Space | 57,59% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: GABRIELA

Current User Name: Gabriela

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - D:\Documents and Settings\Gabriela\Desktop\OTL.exe (OldTimer Tools)

PRC - D:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - D:\Arquivos de programas\bfgclient\bfgclient.exe ()

PRC - D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - D:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - D:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

PRC - D:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - D:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

PRC - D:\Arquivos de programas\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)

PRC - D:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)

PRC - D:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - D:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)

PRC - D:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)

PRC - D:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)

PRC - D:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

PRC - D:\WINDOWS\system32\HPZipm12.exe (HP)

========== Modules (SafeList) ==========

MOD - D:\Documents and Settings\Gabriela\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (WMPNetworkSvc) -- File not found

SRV - (LVPrcSrv) -- File not found

SRV - (AntiVirService) -- D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (Nero BackItUp Scheduler 4.0) -- D:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (AntiVirSchedulerService) -- D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (SeaPort) -- D:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

SRV - (Ati HotKey Poller) -- D:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)

SRV - (ATI Smart) -- D:\WINDOWS\system32\ati2sgag.exe ()

SRV - (Microsoft Office Groove Audit Service) -- D:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)

SRV - (odserv) -- D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (ose) -- D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (Pml Driver HPZ12) -- D:\WINDOWS\system32\HPZipm12.exe (HP)

SRV - (IDriverT) -- D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (avgntflt) -- D:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (MBAMSwissArmy) -- D:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (ssmdrv) -- D:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avipbb) -- D:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (ElbyCDIO) -- D:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)

DRV - (avgio) -- D:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (sptd) -- D:\WINDOWS\System32\Drivers\sptd.sys ()

DRV - (usbaudio) Driver de áudio USB (WDM) -- D:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (Secdrv) -- D:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

DRV - (HDAudBus) -- D:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (ati2mtag) -- D:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (motmodem) -- D:\WINDOWS\system32\drivers\motmodem.sys (Motorola)

DRV - (ElbyCDFL) -- D:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.)

DRV - (PxHelp20) -- D:\WINDOWS\system32\Drivers\PxHelp20.sys (Sonic Solutions)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- D:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (HPZid412) -- D:\WINDOWS\system32\drivers\HPZid412.sys (HP)

DRV - (HPZius12) -- D:\WINDOWS\system32\drivers\HPZius12.sys (HP)

DRV - (HPZipr12) -- D:\WINDOWS\system32\drivers\HPZipr12.sys (HP)

DRV - (usb_rndisx) -- D:\WINDOWS\system32\drivers\usb8023x.sys (Microsoft Corporation)

DRV - (npkcusb) -- D:\Arquivos de programas\Gravity\Ragnarok Online\npkcusb.sys (INCA Internet Co., Ltd.)

DRV - (npkcrypt) -- D:\Arquivos de programas\Gravity\Ragnarok Online\npkcrypt.sys (INCA Internet Co., Ltd.)

DRV - (LVPrcMon) -- D:\WINDOWS\system32\drivers\LVPrcMon.sys ()

DRV - (Lvckap) -- D:\WINDOWS\system32\drivers\Lvckap.sys ()

DRV - (rtl8139) Realtek RTL8139(A/B/C) -- D:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)

DRV - (Ptilink) -- D:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

IE - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\S-1-5-21-1993962763-1004336348-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.2

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1

FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: D:\Arquivos de programas\Mozilla Firefox\components [2010/02/21 17:17:20 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: D:\Arquivos de programas\Mozilla Firefox\plugins [2010/02/21 17:17:21 | 000,000,000 | ---D | M]

[2008/09/28 21:39:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Mozilla\Extensions

[2010/02/23 12:07:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Mozilla\Firefox\Profiles\46l4r82v.default\extensions

[2010/01/29 17:59:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Mozilla\Firefox\Profiles\46l4r82v.default\extensions\personas@christopher.beard

[2007/03/08 11:37:14 | 000,000,000 | ---D | M] -- D:\Arquivos de programas\Mozilla Firefox\extensions

[2009/08/31 21:20:23 | 002,442,736 | ---- | M] (DNAML Pty Ltd) -- D:\Arquivos de programas\Mozilla Firefox\plugins\npdbplug.dll

[2010/02/21 17:17:21 | 000,024,576 | ---- | M] (RealNetworks) -- D:\Arquivos de programas\Mozilla Firefox\plugins\npgcplug.dll

[2005/04/27 17:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- D:\Arquivos de programas\Mozilla Firefox\plugins\npracplug.dll

[2006/09/26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- D:\Arquivos de programas\Mozilla Firefox\plugins\npzylomgamesplayer.dll

[2009/12/22 01:01:30 | 000,001,027 | ---- | M] () -- D:\Arquivos de programas\Mozilla Firefox\searchplugins\buscape.xml

[2010/02/18 21:27:49 | 000,001,212 | ---- | M] () -- D:\Arquivos de programas\Mozilla Firefox\searchplugins\mercadolivre.xml

[2009/12/22 01:01:30 | 000,001,168 | ---- | M] () -- D:\Arquivos de programas\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2009/12/22 01:01:30 | 000,000,648 | ---- | M] () -- D:\Arquivos de programas\Mozilla Firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2010/01/26 11:40:38 | 000,316,918 | R--- | M]) - D:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 10896 more lines...

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Arquivos de programas\Free Download Manager\iefdm2.dll ()

O2 - BHO: (Neopets) - {CD292324-974F-4224-D074-CACA427AA030} - D:\Arquivos de programas\Neopets\Toolbar\toolbar.dll (Velocity Services, Inc.)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Neopets) - {CD292324-974F-4224-D074-CACA427AA030} - D:\Arquivos de programas\Neopets\Toolbar\toolbar.dll (Velocity Services, Inc.)

O3 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\..\Toolbar\WebBrowser: (Neopets) - {CD292324-974F-4224-D074-CACA427AA030} - D:\Arquivos de programas\Neopets\Toolbar\toolbar.dll (Velocity Services, Inc.)

O4 - HKLM..\Run: [avgnt] D:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [RTHDCPL] D:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [startCCC] D:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()

O4 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003..\Run: [spybotSD TeaTimer] D:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003..\RunOnce: [shockwave Updater] D:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_( File not found

O4 - Startup: D:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk = D:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Baixar com o FDM - D:\Arquivos de programas\Free Download Manager\dllink.htm ()

O8 - Extra context menu item: Baixar tudo com o FDM - D:\Arquivos de programas\Free Download Manager\dlall.htm ()

O8 - Extra context menu item: Download selecionado pelo FDM - D:\Arquivos de programas\Free Download Manager\dlselected.htm ()

O8 - Extra context menu item: Download video with Free Download Manager - D:\Arquivos de programas\Free Download Manager\dlfvideo.htm ()

O8 - Extra context menu item: E&xportar para o Microsoft Excel - D:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\.DEFAULT\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\S-1-5-18\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\..Trusted Domains: 63 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.6.0.103 201.6.0.101

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - D:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: D:\Documents and Settings\Gabriela\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: D:\Documents and Settings\Gabriela\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2007/03/08 00:30:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{f1d65cb9-927e-11dd-a60e-0019218c9b72}\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/23 12:03:08 | 000,549,376 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Gabriela\Desktop\OTL.exe

[2010/02/21 17:17:24 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- D:\Arquivos de programas\RngInterstitial.dll

[2010/02/21 17:17:20 | 000,000,000 | ---D | C] -- D:\Arquivos de programas\Real

[2010/02/21 17:17:18 | 000,000,000 | ---D | C] -- D:\Arquivos de programas\Arquivos comuns\Real

[2010/02/08 17:20:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Documentos\iwin

[2010/02/08 17:19:59 | 000,000,000 | ---D | C] -- D:\WINDOWS\Jojos Fashion Show World Tour

[2010/02/04 17:14:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dados de aplicativos\FarmFrenzy3_America

[2010/01/30 18:54:54 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\WINDOWS\System32\CmdLineExt.dll

[2010/01/28 13:57:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Realore JanesZOO

[2010/01/27 16:32:10 | 000,000,000 | ---D | C] -- D:\WINDOWS\Virtual Families

[2010/01/27 13:25:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Gabriela\Meus documentos\Hasbro

[2010/01/26 21:11:16 | 000,000,000 | ---D | C] -- D:\WINDOWS\The Game of Life - SpongeBob SquarePants Edition

[2010/01/26 21:11:16 | 000,000,000 | ---D | C] -- D:\Arquivos de programas\The Game of Life - SpongeBob SquarePants Edition

[2010/01/26 11:47:25 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Gabriela\Recent

[2009/10/13 18:40:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft

[2009/10/13 18:40:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft

[2009/10/13 18:40:00 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Dados de aplicativos\Microsoft

[2009/10/13 18:40:00 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Dados de aplicativos\Microsoft

[2009/07/13 17:35:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Dados de aplicativos\Adobe

[5 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

[1 D:\*.tmp files -> D:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/23 12:03:18 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Gabriela\Desktop\OTL.exe

[2010/02/21 17:17:24 | 000,000,747 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\RealArcade.lnk

[2010/02/21 17:17:20 | 000,774,144 | ---- | M] (RealNetworks, Inc.) -- D:\Arquivos de programas\RngInterstitial.dll

[2010/02/21 14:33:35 | 001,064,242 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI

[2010/02/21 14:33:35 | 000,468,900 | ---- | M] () -- D:\WINDOWS\System32\perfh016.dat

[2010/02/21 14:33:35 | 000,435,896 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat

[2010/02/21 14:33:35 | 000,077,372 | ---- | M] () -- D:\WINDOWS\System32\perfc016.dat

[2010/02/21 14:33:35 | 000,068,540 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat

[2010/02/19 16:28:41 | 000,035,207 | ---- | M] () -- D:\Documents and Settings\Gabriela\Desktop\Faísca e Espoleta.jpg

[2010/02/05 14:52:26 | 000,068,823 | ---- | M] () -- D:\Documents and Settings\Gabriela\Desktop\Lentes.docx

[2010/02/01 20:21:07 | 000,046,080 | ---- | M] () -- D:\Documents and Settings\Gabriela\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/30 22:33:10 | 000,015,000 | ---- | M] () -- D:\Documents and Settings\Gabriela\Meus documentos\Gisele, gee.docx

[2010/01/30 18:54:54 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\WINDOWS\System32\CmdLineExt.dll

[2010/01/26 21:11:37 | 000,001,964 | ---- | M] () -- D:\Documents and Settings\Gabriela\Desktop\The Game of Life - SpongeBob SquarePants Edition.lnk

[2010/01/26 11:40:38 | 000,316,918 | R--- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts.msn

[2010/01/26 11:40:38 | 000,316,918 | R--- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts

[5 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

[1 D:\WINDOWS\System32\drivers\etc\*.tmp files -> D:\WINDOWS\System32\drivers\etc\*.tmp -> ]

[1 D:\*.tmp files -> D:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/21 17:17:24 | 000,000,747 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\RealArcade.lnk

[2010/02/19 16:28:39 | 000,035,207 | ---- | C] () -- D:\Documents and Settings\Gabriela\Desktop\Faísca e Espoleta.jpg

[2010/02/05 14:44:35 | 000,068,823 | ---- | C] () -- D:\Documents and Settings\Gabriela\Desktop\Lentes.docx

[2010/01/30 22:33:10 | 000,015,000 | ---- | C] () -- D:\Documents and Settings\Gabriela\Meus documentos\Gisele, gee.docx

[2010/01/26 21:11:37 | 000,001,964 | ---- | C] () -- D:\Documents and Settings\Gabriela\Desktop\The Game of Life - SpongeBob SquarePants Edition.lnk

[2009/10/07 18:28:41 | 000,000,041 | -HS- | C] () -- D:\Documents and Settings\All Users\Dados de aplicativos\.zreglib

[2009/09/02 21:49:45 | 000,000,719 | R--- | C] () -- D:\WINDOWS\System32\InstExec.ini

[2009/09/02 21:48:46 | 000,000,544 | ---- | C] () -- D:\WINDOWS\_delis32.ini

[2009/08/31 21:16:01 | 000,241,744 | ---- | C] () -- D:\WINDOWS\System32\DNLEng.dll

[2009/08/08 17:01:11 | 000,163,616 | ---- | C] () -- D:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\FontCache3.0.0.0.dat

[2009/03/24 18:48:31 | 000,164,352 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll

[2009/03/24 18:48:30 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini

[2009/03/24 18:48:28 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll

[2009/03/24 18:48:28 | 000,755,027 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll

[2009/03/24 18:48:28 | 000,159,839 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll

[2009/03/24 18:48:26 | 000,007,680 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll

[2009/03/24 18:48:26 | 000,000,547 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll.manifest

[2009/02/13 13:13:24 | 000,000,218 | ---- | C] () -- D:\WINDOWS\LKAC.INI

[2008/10/26 16:36:59 | 000,717,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\sptd.sys

[2008/10/26 14:46:02 | 000,000,169 | ---- | C] () -- D:\WINDOWS\RtlRack.ini

[2008/10/26 14:42:59 | 000,000,164 | ---- | C] () -- D:\WINDOWS\avrack.ini

[2008/10/14 19:16:06 | 000,002,528 | ---- | C] () -- D:\Documents and Settings\Gabriela\Dados de aplicativos\$_hpcst$.hpc

[2008/10/01 14:47:06 | 000,162,304 | ---- | C] () -- D:\Documents and Settings\Gabriela\Configurações locais\Dados de aplicativos\unrar.dll

[2008/09/30 16:09:42 | 000,046,080 | ---- | C] () -- D:\Documents and Settings\Gabriela\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/09/30 15:35:35 | 000,077,824 | R--- | C] () -- D:\WINDOWS\System32\HPZIDS01.dll

[2008/09/30 15:30:28 | 000,000,757 | ---- | C] () -- D:\Documents and Settings\All Users\Dados de aplicativos\hpzinstall.log

[2005/09/01 13:11:52 | 001,912,064 | ---- | C] () -- D:\WINDOWS\System32\drivers\LVMVdrv.sys

[2005/09/01 13:11:52 | 000,016,768 | ---- | C] () -- D:\WINDOWS\System32\drivers\LVPrcMon.sys

[2005/09/01 13:09:28 | 002,169,984 | ---- | C] () -- D:\WINDOWS\System32\drivers\Lvckap.sys

[2001/07/07 03:00:02 | 000,003,277 | ---- | C] () -- D:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2009/01/16 18:08:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\19196

[2007/03/08 09:40:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\AlawarWrapper

[2009/07/26 19:35:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\BVRP Software

[2009/12/07 21:06:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\eGames

[2009/11/29 18:54:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\Electronic Arts

[2009/01/08 20:04:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\FamilyFlights

[2010/02/04 17:40:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\FarmFrenzy3_America

[2009/04/25 09:37:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\Fashion Solitaire 1.2

[2008/11/27 19:08:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\FreeDownloadManager.ORG

[2009/03/22 21:46:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\FreshGames

[2009/07/19 17:45:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\GamesBar

[2010/01/14 19:41:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\iWin

[2008/10/07 21:38:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

[2008/10/29 17:03:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\n7-89-o9-3r-4t-r9

[2009/12/07 18:58:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\PlayFirst

[2009/03/18 20:14:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\Sandlot Games

[2009/12/08 03:59:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\SlySoft

[2007/03/08 09:40:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2009/10/19 12:51:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\WildTangent

[2008/10/06 16:20:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dados de aplicativos\Zylom

[2009/12/08 19:36:10 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\.#

[2009/11/26 20:34:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\BitTorrent

[2009/03/31 08:14:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\BrOffice.org2

[2008/10/26 16:36:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\DAEMON Tools

[2009/12/07 21:06:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\eGames

[2010/02/23 12:07:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Free Download Manager

[2009/03/01 21:06:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\GameHouse

[2009/02/05 15:27:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Image Zone Express

[2010/01/14 19:41:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\iWin

[2009/02/03 18:59:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Jane s Hotel

[2009/02/05 18:33:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Jane s Hotel Family Hero

[2010/01/15 23:16:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\My Games

[2008/10/09 14:36:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Neopets Toolbar

[2008/09/28 21:21:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Netscape

[2008/11/02 16:19:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\PetShowCraze

[2009/12/07 18:58:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\PlayFirst

[2007/03/08 02:25:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\RenPy

[2009/10/07 15:04:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Shockwave JanesZOO

[2009/04/23 18:09:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Shockwave_DressUpRush

[2009/02/09 14:28:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\ShockWave_JanesRealty

[2009/05/05 15:08:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Shutterfly

[2009/06/03 14:32:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Windows Live Writer

[2009/03/22 21:46:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Zylom

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 339 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:4EDC977B

@Alternate Data Stream - 293 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9AF3A05F

@Alternate Data Stream - 24 bytes -> D:\WINDOWS:A13295A7311D55BE

@Alternate Data Stream - 177 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:483AC68A

@Alternate Data Stream - 171 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:82591FF7

@Alternate Data Stream - 149 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0A63D33A

@Alternate Data Stream - 143 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:F69BB936

@Alternate Data Stream - 142 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:2AEB42F1

@Alternate Data Stream - 135 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:695CE4C3

@Alternate Data Stream - 133 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:A988B257

@Alternate Data Stream - 132 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:F22A9E77

@Alternate Data Stream - 130 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:6DD93FF7

@Alternate Data Stream - 130 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:6D6C4572

@Alternate Data Stream - 129 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:148EE14E

@Alternate Data Stream - 128 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5D52AB7A

@Alternate Data Stream - 127 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:CAFA2B66

@Alternate Data Stream - 127 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5E22637F

@Alternate Data Stream - 126 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9A00FBCA

@Alternate Data Stream - 126 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:70258565

@Alternate Data Stream - 125 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34

@Alternate Data Stream - 124 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:73828A71

@Alternate Data Stream - 123 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:96FAC731

@Alternate Data Stream - 123 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:91486201

@Alternate Data Stream - 122 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:247D483C

@Alternate Data Stream - 120 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:C70C5141

@Alternate Data Stream - 120 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:417EFB56

@Alternate Data Stream - 119 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D26DD363

@Alternate Data Stream - 118 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:63DBE157

@Alternate Data Stream - 117 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:04A2BA27

@Alternate Data Stream - 114 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D37AE80B

@Alternate Data Stream - 114 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:78CC8F21

@Alternate Data Stream - 114 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:67DF79FC

@Alternate Data Stream - 113 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9FC5F43A

@Alternate Data Stream - 113 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:904251FD

@Alternate Data Stream - 112 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:B606BA34

@Alternate Data Stream - 111 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9E1C306C

@Alternate Data Stream - 111 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0725B4DA

@Alternate Data Stream - 110 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:435657D8

@Alternate Data Stream - 110 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:18F64313

@Alternate Data Stream - 110 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:084B0270

@Alternate Data Stream - 108 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:EDDEC855

@Alternate Data Stream - 108 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5E3B85EF

@Alternate Data Stream - 106 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:80EFC1E5

@Alternate Data Stream - 103 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:4363DE71

< End of report >

Extras.txt:

OTL Extras logfile created on: 23/2/2010 12:08:28 - Run 1

OTL by OldTimer - Version 3.1.30.1 Folder = D:\Documents and Settings\Gabriela\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free

3,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Arquivos de programas

Drive C: | 114,42 Gb Total Space | 68,04 Gb Free Space | 59,46% Space Free | Partition Type: NTFS

Drive D: | 183,67 Gb Total Space | 105,78 Gb Free Space | 57,59% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: GABRIELA

Current User Name: Gabriela

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1993962763-1004336348-839522115-1003\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- D:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "D:\Arquivos de programas\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

http [open] -- "D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

https [open] -- "D:\Arquivos de programas\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- D:\ARQUIV~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "D:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"D:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = D:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"D:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = D:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpofxm08.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hposfx08.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hposid01.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpqscnvw.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpqkygrp.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpqCopy.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpfccopy.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpzwiz01.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\HP\Digital Imaging\Unload\HpqPhUnl.exe" = D:\Arquivos de programas\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)

"D:\Arquivos de programas\HP\Digital Imaging\Unload\HpqDIA.exe" = D:\Arquivos de programas\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpoews01.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\HP\Digital Imaging\bin\hpqnrs08.exe" = D:\Arquivos de programas\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)

"D:\Arquivos de programas\DreMule\emule.exe" = D:\Arquivos de programas\DreMule\emule.exe:*:Enabled:Dreamule -- (http://www.dreamule.org)

"D:\Arquivos de programas\Free Download Manager\fdm.exe" = D:\Arquivos de programas\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager -- (FreeDownloadManager.ORG)

"D:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)

"D:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" = D:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)

"D:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" = D:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)

"D:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe" = D:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"D:\Arquivos de programas\Electronic Arts\MySims\bin\MySims.exe" = D:\Arquivos de programas\Electronic Arts\MySims\bin\MySims.exe:*:Enabled:MySims -- ()

"J:\Estrateg\Legal\Legal.EXE" = J:\Estrateg\Legal\Legal.EXE:*:Disabled:Legal -- File not found

"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

"D:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = D:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

"D:\Arquivos de programas\BitTorrent\bittorrent.exe" = D:\Arquivos de programas\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

"D:\Arquivos de programas\Electronic Arts\EADM\Core.exe" = D:\Arquivos de programas\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- File not found

"D:\Arquivos de programas\Skype\Phone\Skype.exe" = D:\Arquivos de programas\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{025B57B1-D28C-4036-A04F-003CF3CBDA6D}_is1" = Sonic & Knuckles Collection

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{099FEA83-5453-2C4F-C7D5-0F96A15EECB9}" = CCC Help Czech

"{0C405D1F-359E-41C5-A1A9-383A04BBD5E2}" = Windows Live Galeria de Fotos

"{0CDBDF83-47D9-A7FF-7DD7-0EDB301036F9}" = Catalyst Control Center Graphics Light

"{10741D95-9212-9517-4B85-73D5328EE7B4}" = Catalyst Control Center Localization Finnish

"{13E3F513-689E-4CA3-98FD-84538A9DCD8D}_is1" = The Sims 3 Patch Retail 1.0.631

"{159CB176-47AD-21B6-A3D9-884EC4467680}" = CCC Help German

"{1AA25012-E66C-CC1F-B051-542DCC66A779}" = Catalyst Control Center Localization Chinese Standard

"{1BB7C0A6-EAFF-45B2-A6A3-C40B99CA0672}_is1" = Jazz Jackrabbit 2

"{1ED5D3CF-7F25-D2D4-1278-E3452756005E}" = CCC Help Thai

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{225C597F-ADCF-C971-2382-AAFD48C4833B}" = CCC Help Dutch

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress

"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1

"{2C6599FC-82F3-E1C3-DE64-310FD49BC0D6}" = Catalyst Control Center Localization Chinese Traditional

"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5

"{3025FB89-4D39-5A60-A35E-22626F26D66E}" = Catalyst Control Center Localization Hungarian

"{302628A9-D401-F4FB-3792-150D833A9A5F}" = CCC Help Norwegian

"{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call

"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone

"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder

"{3867679D-3074-6A1E-FE3C-144B38107EE6}" = CCC Help Portuguese

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3EDF07A0-0362-4881-A772-ED4E66D3084A}" = Barbie® idesign Ultimate Stylist

"{4040F345-2058-369F-DC50-27F0E1ACB44F}" = CCC Help Italian

"{415E5C36-93A7-EAFE-AE81-EE4D48FEC14B}" = CCC Help Spanish

"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm

"{478FCEEE-053D-4445-AE08-E4D0FF42A538}_is1" = Captain Claw

"{494AED4F-B428-B62E-A389-303F97116571}" = Catalyst Control Center Graphics Full New

"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM

"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant

"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3

"{5A4712FB-21DA-2E05-C972-03FFA618F2EC}" = CCC Help Korean

"{5B9D2C33-C9B4-ADE3-AC2D-6E13988E4D55}" = Catalyst Control Center Localization Korean

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8

"{5EF8AFB8-2D34-C5A1-32F9-724FBA99BB65}" = Catalyst Control Center Localization Norwegian

"{61833287-C526-2F2F-4975-0C54C6066EFE}" = ccc-core-static

"{622ABFBA-E793-3716-36C8-0F769D26E060}" = CCC Help Japanese

"{624DEAA0-B27D-444B-8BFE-70622B318A4A}" = Windows Live Toolbar

"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI

"{68DC42FA-962C-4973-A306-D595D861FA1E}" = MySims™

"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox

"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential

"{69A6B48A-C5C5-5C2A-1A66-E9D267F89002}" = Catalyst Control Center Localization Portuguese

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6C0A6DAF-1E2E-4667-A275-C368E28DF530}" = CCC Help Polish

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme

"{7453C851-DC49-C218-367B-9C9BB50D0531}" = CCC Help Swedish

"{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail

"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update

"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart

"{7966A7FF-AC52-4AF2-A08B-AF2F01661830}" = Ragnarok Online

"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI

"{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}" = Motorola Driver Installation 3.4.0

"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status

"{83846EB2-8BCB-461C-5C09-58E56ABA61A3}" = Catalyst Control Center Localization French

"{84DAF382-97D9-5661-597F-02178DDF6256}" = CCC Help Greek

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{87F8C41B-A8E6-8264-9625-9A9F369DDECA}" = Catalyst Control Center Localization Polish

"{89C4E826-5910-F973-2211-EA56FC88EBE8}" = Catalyst Control Center Localization Spanish

"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload

"{90120000-0010-0416-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{669EB263-0AFE-4FCB-A068-DB082CA6273C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{98003BDC-1B68-4970-B28E-ACC8000D2F3E}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{908A7D15-E93F-1878-3AE4-53AA0E96B936}" = Catalyst Control Center Localization German

"{934F3C42-83E5-49EB-81C6-C22F9BB6E9B7}" = Motorola Phone Tools

"{94C65B81-1CCE-3D93-95B5-853B1A3DA539}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PTB

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95120000-0120-0416-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{9555B4ED-09A3-4722-8E8C-57A49401D059}" = Windows Live Writer

"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack

"{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}" = Windows Live Sync

"{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A4908C1D-DEDA-C1FB-BA17-C4A0D7090371}" = Catalyst Control Center Localization Greek

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A6053520-BBBE-9CB4-3436-96C14A849CD9}" = Catalyst Control Center Localization Italian

"{A856A35B-9ECF-E3CD-AF1E-4B6B35ECA31E}" = Catalyst Control Center Graphics Previews Common

"{AA6E423F-CBDF-3608-AC30-0CF08D7C9A07}" = Microsoft .NET Framework 3.5 Language Pack - ptb

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AEB8BA15-3674-3ED6-D889-EC6006B03AC0}" = CCC Help Turkish

"{B13C458E-E32C-21C6-9DC0-3FCD5DAE492C}" = Catalyst Control Center Graphics Full Existing

"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B423159E-3634-C895-6F38-14492F35BBBC}" = CCC Help Chinese Standard

"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1

"{B576DE7F-852D-353C-19C0-390FC6D33439}" = Catalyst Control Center Core Implementation

"{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger

"{B6BE9820-C25B-DC1F-932E-9479AE0EF1D6}" = Skins

"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Volta ao Mundo

"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools

"{BB619BDE-1478-58F6-66B2-CC83A69EBDE4}" = Catalyst Control Center Localization Swedish

"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update

"{BB8F3D2F-1832-4C8E-36C9-0FAEB76CB3D9}" = CCC Help Danish

"{BC262737-BD50-9C8E-432E-B5D44181041C}" = Catalyst Control Center Localization Russian

"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A

"{BE338678-1DAA-471D-EB16-5983038A970B}" = CCC Help French

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3

"{C05DE749-02C6-7DDE-F411-A84A69B640D7}" = ccc-utility

"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter

"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA

"{C8F5404B-2283-58BA-0BDE-0186E7D76FA9}" = CCC Help Russian

"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.1

"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer

"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility

"{DB6D6C40-F8DF-031B-DF75-1DE18440E45C}" = ccc-core-preinstall

"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade

"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp

"{DE56404E-CA03-66BE-F585-C5B0083E4F61}" = Catalyst Control Center Localization Thai

"{E0F6BC00-0D3E-56FD-2C22-F71E6DF70AF7}" = CCC Help Hungarian

"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E79B7797-AE62-C6E3-E246-DBF087DB09FB}" = Catalyst Control Center Localization Danish

"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer

"{E95477D3-1952-11F2-372F-616D9DB16F60}" = CCC Help Finnish

"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100

"{EBA5A430-1D46-EA7A-C4B1-E7C5B56AC7C7}" = Catalyst Control Center Localization Japanese

"{EDA9F30A-8B65-3E6F-B353-CCA1C9241471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PTB

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC

"{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials

"{F331F43C-64D3-E30B-BD39-13562E2FA1F0}" = Catalyst Control Center Localization Dutch

"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan

"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools

"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA

"{FAC5D7B3-3D4C-F84E-93A1-51B841FBFC15}" = CCC Help English

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations

"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA

"{FE71700B-D002-F573-9E5C-37931A3F68D9}" = Catalyst Control Center Localization Turkish

"{FE8F5832-133B-31E1-25F1-04E23C02DFBE}" = CCC Help Chinese Traditional

"{FF281395-5524-B07D-E6D4-5FD3A9702DAF}" = Catalyst Control Center Localization Czech

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"All ATI Software" = ATI - Utilitário de desinstalação de software

"ATI Display Driver" = ATI Display Driver

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Belle's Beauty Boutique ." = Belle's Beauty Boutique .

"BFGC" = Big Fish Games: Game Manager

"BFG-Diner Dash" = Diner Dash

"BFG-Satisfashion" = Satisfashion

"BitTorrent" = BitTorrent

"BitTorrent Turbo Accelerator" = BitTorrent Turbo Accelerator

"CCleaner" = CCleaner

"CloneCD" = CloneCD

"Diner Dash Flo Through Time_is1" = Diner Dash Flo Through Time

"DinerTown Detective Agency" = DinerTown Detective Agency

"DreaMule_is1" = DreaMule 3.2

"DVD Shrink_is1" = DVD Shrink 3.2

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Episode 104 - Abe Lincoln Must Die!" = Sam and Max - Season One - Episode 104 - Abe Lincoln Must Die!

"Farm Frenzy 3 American Pie1.0" = Farm Frenzy 3 American Pie

"Fashion Solitaire1.0" = Fashion Solitaire

"Foxit Reader" = Foxit Reader

"Free Download Manager_is1" = Free Download Manager 2.5

"FreeStar YouTube MP3 Converter" = FreeStar YouTube MP3 Converter 2.0.3

"HijackThis" = HijackThis 2.0.2

"Hospital" = Theme Hospital

"HP Imaging Device Functions" = HP Imaging Device Functions 7.0

"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0

"HPExtendedCapabilities" = HP Customer Participation Program 7.0

"HPOCR" = OCR Software by I.R.I.S 7.0

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"IrfanView" = IrfanView (remove only)

"Jane's Hotel Family Hero" = Jane's Hotel Family Hero

"Janes Zoo1.0" = Janes Zoo

"Jojos Fashion Show World Tour1.0" = Jojos Fashion Show World Tour

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.2.5

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Messenger Plus! Live" = Messenger Plus! Live

"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5

"Microsoft .NET Framework 3.5 Language Pack - ptb" = Microsoft .NET Framework 3.5 Language Pack - ptb

"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MV AntiSpy 4.0_is1" = MV AntiSpy 4.0

"MV RegClean 5.9_is1" = MV RegClean 5.9

"Neopets" = Neopets

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NVIDIA Drivers" = NVIDIA Drivers

"Pageant Princess" = Pageant Princess

"pbRO" = pbRO

"Pharaoh's Feast (Diner Dash Hometown Hero - Gourmet)" = Pharaoh's Feast (Diner Dash Hometown Hero - Gourmet)

"Polly Bichinhos" = Polly Bichinhos 1.0

"Posh Boutique_is1" = Posh Boutique

"RealArcade 1.2" = RealArcade

"Sally's Salon" = Sally's Salon

"Saras SuperSpa Deluxe1.0" = Saras SuperSpa Deluxe

"Spirited Heart1.0" = Spirited Heart

"The Game of Life - SpongeBob SquarePants Edition1.0" = The Game of Life - SpongeBob SquarePants Edition

"Virtual Families1.0" = Virtual Families

"Virtual Villagers" = Virtual Villagers 1.0

"Virtual Villagers - The Lost Children" = Virtual Villagers - The Lost Children 1.0

"Virtual Villagers - The Secret City" = Virtual Villagers - The Secret City 1.0

"Virtual Villagers - The Tree of Life" = Virtual Villagers - The Tree of Life 1.0

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Wedding Dash - Ready Aim Love1.0.94" = Wedding Dash - Ready Aim Love

"Wedding Dash®: Ready, Aim, Love!™" = Wedding Dash®: Ready, Aim, Love!™

"WIC" = Windows Imaging Component

"WildTangent wildgames Master Uninstall" = WildGames

"WinAVI Video Converter_is1" = WinAVI Video Converter

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1993962763-1004336348-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 8/3/2007 07:51:11 | Computer Name = GABRIELA | Source = crypt32 | ID = 131083

Description = Falha ao extrair lista de raízes de terceiros do CAB de atualização

automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

com erro: Um certificado necessário não está no seu período de validade ao ser

verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo

assinado.

Error - 8/3/2007 07:51:11 | Computer Name = GABRIELA | Source = crypt32 | ID = 131083

Description = Falha ao extrair lista de raízes de terceiros do CAB de atualização

automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

com erro: Um certificado necessário não está no seu período de validade ao ser

verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo

assinado.

Error - 8/3/2007 08:40:34 | Computer Name = GABRIELA | Source = Application Error | ID = 1000

Description = Aplicativo com falha farmfrenzy3_america.wrp.exe, versão 0.5.0.0,

módulo com falha farmfrenzy3_america.wrp.exe, versão 0.5.0.0, endereço com falha

0x001fa726.

Error - 8/3/2007 08:40:38 | Computer Name = GABRIELA | Source = Application Error | ID = 1000

Description = Aplicativo com falha farmfrenzy3_america.wrp.exe, versão 0.5.0.0,

módulo com falha farmfrenzy3_america.wrp.exe, versão 0.5.0.0, endereço com falha

0x001fa726.

Error - 8/3/2007 08:40:45 | Computer Name = GABRIELA | Source = Application Error | ID = 1000

Description = Aplicativo com falha diner dash.exe, versão 0.0.0.0, módulo com falha

diner dash.exe, versão 0.0.0.0, endereço com falha 0x00002936.

Error - 8/3/2007 08:40:47 | Computer Name = GABRIELA | Source = Application Error | ID = 1000

Description = Aplicativo com falha dinerdash2.exe, versão 0.0.0.0, módulo com falha

dinerdash2.exe, versão 0.0.0.0, endereço com falha 0x00002936.

Error - 8/3/2007 09:45:48 | Computer Name = GABRIELA | Source = Userenv | ID = 1041

Description = O Windows não pode consultar a entrada de Registro DllName para {7B849a69-220F-451E-B3FE-2CB811AF94AE},

e ela não será carregada. Isso provavelmente foi causado por um registro incorreto.

Error - 8/3/2007 09:45:48 | Computer Name = GABRIELA | Source = Userenv | ID = 1041

Description = O Windows não pode consultar a entrada de Registro DllName para {7B849a69-220F-451E-B3FE-2CB811AF94AE},

e ela não será carregada. Isso provavelmente foi causado por um registro incorreto.

Error - 8/3/2007 09:45:48 | Computer Name = GABRIELA | Source = Userenv | ID = 1041

Description = O Windows não pode consultar a entrada de Registro DllName para {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D},

e ela não será carregada. Isso provavelmente foi causado por um registro incorreto.

Error - 8/3/2007 09:45:48 | Computer Name = GABRIELA | Source = Userenv | ID = 1041

Description = O Windows não pode consultar a entrada de Registro DllName para {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D},

e ela não será carregada. Isso provavelmente foi causado por um registro incorreto.

[ System Events ]

Error - 19/2/2010 20:56:46 | Computer Name = GABRIELA | Source = NetBT | ID = 4311

Description = Falha na inicialização porque o driver não pôde ser criado.

Error - 19/2/2010 20:56:59 | Computer Name = GABRIELA | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Logitech Process Monitor devido

ao seguinte erro: %%3

Error - 21/2/2010 13:32:03 | Computer Name = GABRIELA | Source = NetBT | ID = 4311

Description = Falha na inicialização porque o driver não pôde ser criado.

Error - 21/2/2010 13:32:03 | Computer Name = GABRIELA | Source = NetBT | ID = 4311

Description = Falha na inicialização porque o driver não pôde ser criado.

Error - 21/2/2010 13:32:03 | Computer Name = GABRIELA | Source = NetBT | ID = 4311

Description = Falha na inicialização porque o driver não pôde ser criado.

Error - 21/2/2010 13:32:13 | Computer Name = GABRIELA | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Logitech Process Monitor devido

ao seguinte erro: %%3

Error - 21/2/2010 20:36:25 | Computer Name = GABRIELA | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Logitech Process Monitor devido

ao seguinte erro: %%3

Error - 21/2/2010 20:36:31 | Computer Name = GABRIELA | Source = NetBT | ID = 4311

Description = Falha na inicialização porque o driver não pôde ser criado.

Error - 21/2/2010 20:36:31 | Computer Name = GABRIELA | Source = NetBT | ID = 4311

Description = Falha na inicialização porque o driver não pôde ser criado.

Error - 21/2/2010 20:36:31 | Computer Name = GABRIELA | Source = NetBT | ID = 4311

Description = Falha na inicialização porque o driver não pôde ser criado.

< End of report >

DigRam · Fevereiro 26, 2010

Boa Noite! Yukko~

<!> Desculpe-me a demora em lhe atender,pois fiquei sem Internet e tive problemas na máquina. :(

°°°°°°°°°°°°°°°°°°°°°

<@> Execute o OTL.exe.

<@> Copie estas informações que estão no Quote,para o campo clipboard da ferramenta. ( Custom Scans/Fixes )

:otl
SRV - (WMPNetworkSvc) -- File not found

SRV - (LVPrcSrv) -- File not found

O4 - HKU\S-1-5-21-1993962763-1004336348-839522115-1003..\RunOnce: [shockwave Updater] D:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_( File not found

O33 - MountPoints2\{f1d65cb9-927e-11dd-a60e-0019218c9b72}\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

@Alternate Data Stream - 339 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:4EDC977B

@Alternate Data Stream - 293 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9AF3A05F

@Alternate Data Stream - 24 bytes -> D:\WINDOWS:A13295A7311D55BE

@Alternate Data Stream - 177 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:483AC68A

@Alternate Data Stream - 171 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:82591FF7

@Alternate Data Stream - 149 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0A63D33A

@Alternate Data Stream - 143 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:F69BB936

@Alternate Data Stream - 142 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:2AEB42F1

@Alternate Data Stream - 135 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:695CE4C3

@Alternate Data Stream - 133 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:A988B257

@Alternate Data Stream - 132 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:F22A9E77

@Alternate Data Stream - 130 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:6DD93FF7

@Alternate Data Stream - 130 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:6D6C4572

@Alternate Data Stream - 129 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:148EE14E

@Alternate Data Stream - 128 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5D52AB7A

@Alternate Data Stream - 127 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:CAFA2B66

@Alternate Data Stream - 127 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5E22637F

@Alternate Data Stream - 126 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9A00FBCA

@Alternate Data Stream - 126 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:70258565

@Alternate Data Stream - 125 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34

@Alternate Data Stream - 124 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:73828A71

@Alternate Data Stream - 123 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:96FAC731

@Alternate Data Stream - 123 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:91486201

@Alternate Data Stream - 122 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:247D483C

@Alternate Data Stream - 120 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:C70C5141

@Alternate Data Stream - 120 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:417EFB56

@Alternate Data Stream - 119 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D26DD363

@Alternate Data Stream - 118 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:63DBE157

@Alternate Data Stream - 117 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:04A2BA27

@Alternate Data Stream - 114 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D37AE80B

@Alternate Data Stream - 114 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:78CC8F21

@Alternate Data Stream - 114 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:67DF79FC

@Alternate Data Stream - 113 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9FC5F43A

@Alternate Data Stream - 113 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:904251FD

@Alternate Data Stream - 112 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:B606BA34

@Alternate Data Stream - 111 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9E1C306C

@Alternate Data Stream - 111 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0725B4DA

@Alternate Data Stream - 110 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:435657D8

@Alternate Data Stream - 110 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:18F64313

@Alternate Data Stream - 110 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:084B0270

@Alternate Data Stream - 108 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:EDDEC855

@Alternate Data Stream - 108 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5E3B85EF

@Alternate Data Stream - 106 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:80EFC1E5

@Alternate Data Stream - 103 bytes -> D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:4363DE71

:files

D:\WINDOWS\System32\*.tmp

D:\*.tmp

:Commands

[purity]

[emptytemp]

[Reboot]

<@> Clique no botão Run Fix --> Aguarde a conclusão!

<@> Terminando,vá até a pasta: D:\_OTL\MovedFiles\*.log <-- Poste!

Abraços!

Yukko~ · Março 2, 2010

Desculpa a demora, passei um tempinho ausente da internet.

OTL Log

All processes killed

========== OTL ==========

Service WMPNetworkSvc stopped successfully!

Service WMPNetworkSvc deleted successfully!

File File not found not found.

Service LVPrcSrv stopped successfully!

Service LVPrcSrv deleted successfully!

File File not found not found.

Registry value HKEY_USERS\S-1-5-21-1993962763-1004336348-839522115-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1d65cb9-927e-11dd-a60e-0019218c9b72}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1d65cb9-927e-11dd-a60e-0019218c9b72}\ not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:4EDC977B deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9AF3A05F deleted successfully.

ADS D:\WINDOWS:A13295A7311D55BE deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:483AC68A deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:82591FF7 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0A63D33A deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:F69BB936 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:2AEB42F1 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:695CE4C3 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:A988B257 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:F22A9E77 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:6DD93FF7 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:6D6C4572 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:148EE14E deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5D52AB7A deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:CAFA2B66 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5E22637F deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9A00FBCA deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:70258565 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5C321E34 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:73828A71 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:96FAC731 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:91486201 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:247D483C deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:C70C5141 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:417EFB56 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D26DD363 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:63DBE157 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:04A2BA27 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:D37AE80B deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:78CC8F21 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:67DF79FC deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9FC5F43A deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:904251FD deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:B606BA34 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:9E1C306C deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0725B4DA deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:435657D8 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:18F64313 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:084B0270 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:EDDEC855 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:5E3B85EF deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:80EFC1E5 deleted successfully.

ADS D:\Documents and Settings\All Users\Dados de aplicativos\TEMP:4363DE71 deleted successfully.

========== FILES ==========

D:\WINDOWS\System32\CONFIG.TMP moved successfully.

D:\WINDOWS\System32\SET1D6.tmp moved successfully.

D:\WINDOWS\System32\SET1DA.tmp moved successfully.

D:\WINDOWS\System32\SET1DB.tmp moved successfully.

D:\WINDOWS\System32\SET1E2.tmp moved successfully.

D:\msdownld.tmp folder moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

User: Gabriela

->Temp folder emptied: 114925065 bytes

->Temporary Internet Files folder emptied: 369937 bytes

->FireFox cache emptied: 68665971 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 384257398 bytes

Total Files Cleaned = 542,00 mb

OTL by OldTimer - Version 3.1.30.1 log created on 03012010_203314

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

-------------------------

Queria saber como faço para impedir que processos como o SeaPort do Office rodem ao iniciar o computador, quer dizer, ele não é essencial ao funcionamento da máquina, assim como o MOM e o CCC.

Grata desde de já ;)

DigRam · Março 3, 2010

Boa Tarde! Yukko~

Queria saber como faço para impedir que processos como o SeaPort do Office rodem ao iniciar o computador, quer dizer, ele não é essencial ao funcionamento da máquina, assim como o MOM e o CCC.

<@> Abra o Windows Explorer,ou...

<@> Clique-direito em Iniciar --> Explorar.

<@> Abra Inicializar,que está em destaque:

<!> D:\Documents and Settings\Nome de Usário\Menu Iniciar\Programas\Inicializar <-- Abra esta pasta!

<@> Localize e remova o arquivo SeaPort.exe. <- Clique-direito -> Excluir.

<@> Caso queira,deixe a pasta Inicializar completamente vazia.

ºººººººººººººººººººººººº

<@> Execute o OTL Quick Scan,onde teremos um rápido escaneamento da ferramenta.

<@> Duplo-clique em: < >

<@> Clique em "Scan All Users" --> --> Aguarde!

<@> Copie e poste o relatório. ( OTL log )

Abraços!

Yukko~ · Março 4, 2010

Hey!

Bom, por incrível que pareça (ou não tão incrível assim), a pasta de inicializar já estava vazia, bom, se não tiver outro jeito eu deleto mesmo nos processos, sem problemas (Y)

Aqui segue o Log:

OTL:

OTL logfile created on: 3/3/2010 19:01:04 - Run 2

OTL by OldTimer - Version 3.1.30.1 Folder = D:\Documents and Settings\Gabriela\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free

3,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free

Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Arquivos de programas

Drive C: | 114,42 Gb Total Space | 67,85 Gb Free Space | 59,30% Space Free | Partition Type: NTFS

Drive D: | 183,67 Gb Total Space | 105,24 Gb Free Space | 57,30% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: GABRIELA

Current User Name: Gabriela

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Minimal

Quick Scan

========== Processes (SafeList) ==========

PRC - D:\Documents and Settings\Gabriela\Desktop\OTL.exe (OldTimer Tools)

PRC - D:\Arquivos de programas\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - D:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - D:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

PRC - D:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - D:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)

PRC - D:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

PRC - D:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)

PRC - D:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - D:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)

PRC - D:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)

PRC - D:\Arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)

PRC - D:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

PRC - D:\WINDOWS\system32\HPZipm12.exe (HP)

========== Modules (SafeList) ==========

MOD - D:\Documents and Settings\Gabriela\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- D:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (Nero BackItUp Scheduler 4.0) -- D:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (AntiVirSchedulerService) -- D:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (SeaPort) -- D:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

SRV - (Ati HotKey Poller) -- D:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)

SRV - (ATI Smart) -- D:\WINDOWS\system32\ati2sgag.exe ()

SRV - (Microsoft Office Groove Audit Service) -- D:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)

SRV - (odserv) -- D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (ose) -- D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (Pml Driver HPZ12) -- D:\WINDOWS\system32\HPZipm12.exe (HP)

SRV - (IDriverT) -- D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

IE - HKU\S-1-5-21-1993962763-1004336348-839522115-1003\S-1-5-21-1993962763-1004336348-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.2

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1

FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: D:\Arquivos de programas\Mozilla Firefox\components [2010/02/21 17:17:20 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: D:\Arquivos de programas\Mozilla Firefox\plugins [2010/02/21 17:17:21 | 000,000,000 | ---D | M]

[2008/09/28 21:39:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Mozilla\Extensions

[2010/03/02 21:27:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Mozilla\Firefox\Profiles\46l4r82v.default\extensions

[2010/01/29 17:59:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gabriela\Dados de aplicativos\Mozilla\Firefox\Profiles\46l4r82v.default\extensions\personas@christopher.beard

[2010/03/03 18:52:50 | 000,000,000 | ---D | M] -- D:\Arquivos de programas\Mozilla Firefox\extensions